BO XI R3
We are experiencing this really strange phenomenon.
We have AD authentication enabled which worked fine until some persons start complaining they got the error "Account Information Not Recognized: Access is denied" when trying to logon to the CMC.
It sounded as a normal lack of rights. However after some investigation i don't have any clue.
1) i checked the user and its memberships. Then i checked access to the CMC -> OK
- BO group 1
- BO group 2
- BO group 3
-AD group 4
rights to logon to CMC are given on BO group 3 level
2) password of the user was correct (because otherwise you'll get another error: Account Information Not Recognized: Active Directory Authentication failed to log you on. Please contact your system administrator to make sure you are ...)
3) another user (member of another AD group) could logon with AD authentication to the CMC, so no existing problems with AD authentication
4) i added an enterprise alias to the AD user1 account in BO to exclude rights problem ->SUCCESS, user could logon to CMC with enterprise auth. ==> definitely no rights problem
5) i asked other members of AD group4 to try to logon to CMC with AD credentials -> they all experience the same problems (Access denied)
6) then i thought there might be something wrong with the ADgroup linking. I removed the Ad group, updated Windows Ad auth and re-added, updated again. I then re-linked this AD group to the BO group 3. => problem persists.
7) an ultimate test (however i was pretty sure no rights issue was involved, see 4)), i added the user to the administrators group -> could login in CMC with Ad auth????
8) as this environment was a migration of our R2 environment, we had another R3 environment which had exactly the same R2 source => no problems with AD authentication over there?!!
Anyone a clue?